Skip to content

Commit 8a362e7

Browse files
Refactor release.yml for clarity and consistency
Removed unnecessary whitespace and updated comments in the release workflow.
1 parent 38557ac commit 8a362e7

1 file changed

Lines changed: 26 additions & 22 deletions

File tree

.github/workflows/release.yml

Lines changed: 26 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
name: Javascript Wrapper Release
2-
2+
33
on:
44
workflow_call:
55
inputs:
@@ -43,10 +43,10 @@ on:
4343
required: false
4444
default: true
4545
type: boolean
46-
46+
4747
permissions:
4848
contents: read
49-
49+
5050
jobs:
5151
delete:
5252
permissions:
@@ -73,11 +73,11 @@ jobs:
7373
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
7474
with:
7575
fetch-depth: 0
76-
76+
7777
- name: Verify single lockfile (Step 0 - Supply Chain Policy)
7878
run: |
7979
if [ -f yarn.lock ] && [ -f package-lock.json ]; then
80-
echo "❌ ERROR: Both yarn.lock and package-lock.json found. Policy requires exactly ONE package manager. Allowed: npm + package-lock.json OR Yarn + yarn.lock"
80+
"❌ ERROR: Both yarn.lock and package-lock.json found. Policy requires exactly ONE package manager. Allowed: npm + package-lock.json OR Yarn + yarn.lock"
8181
exit 1
8282
fi
8383
if [ ! -f yarn.lock ] && [ ! -f package-lock.json ]; then
@@ -88,17 +88,17 @@ jobs:
8888
run: |
8989
git config user.name github-actions
9090
git config user.email github-actions@github.com
91-
91+
9292
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
9393
with:
9494
node-version: 22.11.0
9595
registry-url: https://npm.echohq.com/
96-
96+
9797
- name: Configure GitHub Packages auth
9898
env:
9999
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
100100
run: npm config set //npm.pkg.github.com/:_authToken "${GH_TOKEN}"
101-
101+
102102
- name: Generate Tag name
103103
id: generate_tag_name
104104
env:
@@ -113,19 +113,19 @@ jobs:
113113
else
114114
TAG_NAME=v$(node -p "require('./package.json').version")
115115
fi
116-
116+
117117
echo "Generated TAG_NAME: $TAG_NAME"
118118
echo "TAG_NAME=$TAG_NAME" >> $GITHUB_ENV
119119
echo "TAG_NAME=$TAG_NAME" >> $GITHUB_OUTPUT
120-
120+
121121
- name: Extract CLI version
122122
id: extract_cli_version
123123
run: |
124124
CLI_VERSION=$(cat checkmarx-ast-cli.version | grep -Eo '^[0-9]+\.[0-9]+\.[0-9]+')
125125
echo "CLI version being packed is $CLI_VERSION"
126126
echo "CLI_VERSION=$CLI_VERSION" >> $GITHUB_ENV
127127
echo "CLI_VERSION=$CLI_VERSION" >> $GITHUB_OUTPUT
128-
128+
129129
- name: Check if CLI version is latest
130130
id: check_latest_cli_version
131131
env:
@@ -136,20 +136,24 @@ jobs:
136136
if [ "$INPUT_DEV" == "false" ] || [ -n "$INPUT_CLI_TAG" ] || [ "$GIT_REF" != "refs/heads/main" ]; then
137137
exit 0
138138
fi
139-
139+
140140
LATEST_CLI_VERSION=$(curl -s https://api.github.com/repos/Checkmarx/ast-cli/releases/latest | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
141141
if [ "$CLI_VERSION" = "$LATEST_CLI_VERSION" ]; then
142142
echo "Confirm that the CLI version in the repository is up-to-date with the most recent release: $CLI_VERSION"
143143
else
144144
echo "The current repository contains a CLI version that differs from the latest released version: Expected $LATEST_CLI_VERSION, got $CLI_VERSION"
145145
exit 1
146146
fi
147-
147+
148148
- name: NPM ci and build
149+
env:
150+
ECHO_LIBRARIES_ACCESS_KEY: ${{ secrets.ECHO_LIBRARIES_ACCESS_KEY }}
149151
run: |
152+
npm config set //npm.echohq.com/:_authToken "${ECHO_LIBRARIES_ACCESS_KEY}"
153+
npm config set //packages.echohq.com/:_authToken "${ECHO_LIBRARIES_ACCESS_KEY}"
150154
npm ci --ignore-scripts
151155
npm run build
152-
156+
153157
- name: Create Pull Request
154158
id: create_pr
155159
if: inputs.dev == false && inputs.bumpVersion == true
@@ -161,28 +165,28 @@ jobs:
161165
body: "This is an automated PR created by GitHub Actions"
162166
base: main
163167
draft: false
164-
168+
165169
- name: Wait for PR to be created
166170
id: pr
167171
if: inputs.dev == false && inputs.bumpVersion == true
168172
uses: octokit/request-action@b91aabaa861c777dcdb14e2387e30eddf04619ae # v3.0.0
169173
with:
170174
route: GET /repos/${{ github.repository }}/pulls?head=${{ github.repository_owner }}:${{ env.BRANCH_NAME }}
171-
175+
172176
- name: Merge Pull Request
173177
if: inputs.dev == false && inputs.bumpVersion == true
174178
uses: octokit/request-action@b91aabaa861c777dcdb14e2387e30eddf04619ae # v3.0.0
175179
with:
176180
route: PUT /repos/${{ github.repository }}/pulls/${{ steps.create_pr.outputs.pull-request-number }}/merge
177181
merge_method: squash
178-
182+
179183
- name: Push tag
180184
if: inputs.dev == false
181185
run: |
182-
git pull
186+
git pull
183187
git tag ${{env.TAG_NAME}}
184188
git push --tags
185-
189+
186190
- name: Publish npm package
187191
env:
188192
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -194,15 +198,15 @@ jobs:
194198
else
195199
npm publish --access public
196200
fi
197-
201+
198202
- name: Create Release
199203
uses: step-security/action-gh-release@277bfa82abcfdb73e5bbb19e213fd76532ee2be5 # v3.0.0
200204
with:
201205
name: ${{env.TAG_NAME}}
202206
tag_name: ${{env.TAG_NAME}}
203207
generate_release_notes: true
204208
prerelease: ${{ inputs.dev }}
205-
209+
206210
# notify:
207211
# if: inputs.dev == false
208212
# needs: release
@@ -215,7 +219,7 @@ jobs:
215219
# release_url: https://github.com/Checkmarx/ast-cli-javascript-wrapper-runtime-cli/releases/tag/${{ needs.release.outputs.TAG_NAME }}
216220
# jira_product_name: JS_RUNTIME_WRAPPER
217221
# secrets: inherit
218-
222+
219223
# dispatch_auto_release:
220224
# name: Update ADO Extension With new Wrapper Version
221225
# if: inputs.dev == false

0 commit comments

Comments
 (0)